Click here to download all references as Bib-File.
2023-04-03 ⋅ Mandiant ⋅ ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access LaZagne BlackCat MimiKatz |
2023-01-05 ⋅ Mandiant ⋅ Turla: A Galaxy of Opportunity KopiLuwak Andromeda QUIETCANARY |
2022-05-04 ⋅ Mandiant ⋅ Old Services, New Tricks: Cloud Metadata Abuse by UNC2903 WSO |
2022-05-02 ⋅ Mandiant ⋅ UNC3524: Eye Spy on Your Email QUIETEXIT UNC3524 |
2022-04-29 ⋅ Mandiant ⋅ Trello From the Other Side: Tracking APT29 Phishing Campaigns BEATDROP VaporRage |
2022-04-28 ⋅ Mandiant ⋅ Trello From the Other Side: Tracking APT29 Phishing Campaigns Cobalt Strike |
2022-02-23 ⋅ Mandiant ⋅ (Ex)Change of Pace: UNC2596 Observed Leveraging Vulnerabilities to Deploy Cuba Ransomware Cuba KillAV |
2021-11-29 ⋅ Mandiant ⋅ Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again Cobalt Strike ROLLCOAST |
2021-11-21 ⋅ Twitter (@tylabs) ⋅ Twitter Thread about UNC1500 phishing using QAKBOT QakBot |
2021-06-16 ⋅ Mandiant ⋅ Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise Cobalt Strike SMOKEDHAM |
2021-06-16 ⋅ FireEye ⋅ Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise Cobalt Strike SMOKEDHAM |
2021-04-29 ⋅ FireEye ⋅ UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat Cobalt Strike FiveHands HelloKitty |